Article review #2:
Are we the Problem?

This article is the result of an attempt to learn and explain the reasons why the human factor is the weakest link in cybersecurity. Sulaiman et al. (2022) wrote this article after reviewing 60 different studies published between 2008 and 2020. Their overall findings point to a few main theories. These theories were mentioned extensively and were talked about as individual theories or combined with other prominent theories. The most mentioned theories were Theory of Planned Behavior (TPB), General Deterrence Theory (GDT), and Protection Motivation Theory (PMT).

When selecting sources of information to include in their research, Sulaiman et al. (2022) were meticulous in their choices. In order for an article to be accepted into the study, it had to use empirical data. In addition, they decided to only accept articles published during the 13-year span between 2008 and 2020. With the ever-changing world of cyberspace, this allowed the included studies to be more current and relevant. To be included in the 60, Sulaiman et al. (2022) excluded conference proceedings, book chapters, and any other non-peer-reviewed article in order to ensure the validity of the information contained in their journal. In the end all 60 of the included studies were peer-reviewed articles from multiple reputable publishers and journals.


Unsurprisingly Sulaiman et al. (2022) discovered that an organization can have extensive Cybersecurity systems and programs in place only to have the human factor prove to be the biggest security risk. Module 4 talks about how the human factor is a variable that is all but impossible to eliminate without proper training. Sulaiman et al. (2022) concur in their article stating more than once that organizations need proper training and it is the responsibilities of those in power to provide up to date and relevant training if said organization hopes to strengthen its weakest link in cybersecurity. Sulaiman et al. (2022) urge that GDT, TPB, and PMT be reviewed by those in the cybersecurity field in an attempt to gain more insight in the fight against Cybercrime.


Sulaiman, N., Fauzi, M., Wider, W., Rajadurai, J., Hussain, S., & Harun, S. (2022). Cyber–Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review. Social Sciences (Basel), 11(9), 386. Retrieved from